Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/u2frg3KoQD50q-PpQ7hg2ohK62s.roa
File: u2frg3KoQD50q-PpQ7hg2ohK62s.roa (raw, json)
Hash identifier: 8D2/FSdhtguPDlwdWy9ZtE8qwsUTtlcLK88QqalH+/I=
Subject key identifier: BB:67:EB:83:72:A8:40:3E:74:AB:E3:E9:43:B8:60:DA:88:4A:EB:6B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018958E81BF739D8B77AEAF46DB66C5E35F2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/u2frg3KoQD50q-PpQ7hg2ohK62s.roa
Signing time: Sat 15 Jul 2023 09:35:53 +0000
ROA not before: Sat 15 Jul 2023 09:35:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:58:e8:1b:f7:39:d8:b7:7a:ea:f4:6d:b6:6c:5e:35:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 15 09:35:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb67eb8372a8403e74abe3e943b860da884aeb6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c5:0f:e7:7a:9e:59:9a:0e:22:b7:0c:ea:1b:
35:bc:c4:09:bc:a1:f3:9e:59:d7:31:10:61:24:93:
e2:03:e5:8b:4c:e4:d6:04:d5:27:7d:a4:6e:89:43:
55:33:2c:58:48:cc:e6:1d:3d:a3:4c:d3:cb:8e:b1:
05:9c:f0:24:6b:65:38:bb:3f:93:81:cb:73:80:85:
5c:e8:93:15:b6:8e:4c:ff:b6:50:f6:26:cc:40:11:
f9:fa:27:6d:67:b3:14:0c:27:82:04:29:6a:ff:08:
9d:44:21:61:43:a6:32:04:e2:34:2c:f9:64:ec:8f:
59:08:34:5f:14:2b:81:2b:c8:17:a9:f6:62:21:66:
0e:f8:96:37:3d:47:66:20:90:d8:dc:a6:58:00:b7:
30:ca:66:e9:3a:ee:1d:62:d5:7a:38:0e:69:d9:e2:
75:1f:9b:56:29:bf:9c:c4:e7:1f:12:17:57:48:8d:
c3:41:db:61:91:f9:18:e0:23:1a:01:7c:27:36:63:
38:d9:1e:6f:a8:9b:1a:a6:76:0b:e7:7f:1c:8b:76:
ef:e8:d7:18:42:9b:36:ea:9c:a8:d0:f2:8e:a0:4d:
9a:41:ff:92:58:f6:a2:25:45:2c:8d:74:e6:13:81:
5c:20:bb:ce:ff:4d:01:22:e7:56:59:e2:17:00:84:
1a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:67:EB:83:72:A8:40:3E:74:AB:E3:E9:43:B8:60:DA:88:4A:EB:6B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/u2frg3KoQD50q-PpQ7hg2ohK62s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.103.72.0/24
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
90:6b:09:b5:8f:ca:66:27:e0:41:c2:e4:91:2c:d8:40:25:56:
52:40:7a:5e:56:0c:ff:0f:2f:f5:67:7e:18:a8:72:be:b7:8e:
5e:e3:9c:ba:b8:06:be:f1:5f:e1:bf:9f:a3:27:20:8e:ca:f0:
71:85:54:82:fd:3a:67:43:d1:a9:b0:3d:36:c2:93:d3:3a:e2:
07:ff:bc:59:f8:d1:44:1e:b6:85:a9:69:21:a9:b5:45:fd:34:
ca:44:06:04:1d:ea:55:82:0d:d7:07:06:87:a8:4d:12:43:b4:
69:38:d1:68:d3:51:3e:50:53:b5:32:89:dd:0d:1c:d1:7f:2f:
23:07:37:8f:32:b0:19:bb:dc:1b:ae:ce:ef:55:a5:9f:66:7a:
28:8c:a0:6e:0f:0a:46:55:cd:fe:30:86:86:1f:1e:c4:b5:32:
e7:8d:5b:d7:9c:65:7e:78:99:fc:59:2a:d2:4e:fe:ab:1c:16:
a0:94:b9:c7:32:87:4b:73:50:14:17:52:0c:22:de:8f:f6:1e:
ee:2b:b7:65:a6:c6:07:41:61:8e:6e:77:c8:f0:84:93:aa:f5:
97:ee:df:47:dd:dc:55:63:55:61:93:9f:23:e8:7f:05:fa:34:
da:f6:8c:70:e3:97:4d:79:09:17:7f:8b:dd:8b:f5:87:cb:91:
55:9a:2c:d8
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYlY6Bv3Odi3eur0bbZsXjXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzE1MDkzNTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY3ZWI4MzcyYTg0MDNlNzRhYmUzZTk0M2I4NjBkYTg4NGFlYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8UP53qeWZoOIrcM6hs1vMQJvKHz
nlnXMRBhJJPiA+WLTOTWBNUnfaRuiUNVMyxYSMzmHT2jTNPLjrEFnPAka2U4uz+T
gctzgIVc6JMVto5M/7ZQ9ibMQBH5+idtZ7MUDCeCBClq/widRCFhQ6YyBOI0LPlk
7I9ZCDRfFCuBK8gXqfZiIWYO+JY3PUdmIJDY3KZYALcwymbpOu4dYtV6OA5p2eJ1
H5tWKb+cxOcfEhdXSI3DQdthkfkY4CMaAXwnNmM42R5vqJsapnYL538ci3bv6NcY
Qps26pyo0PKOoE2aQf+SWPaiJUUsjXTmE4FcILvO/00BIudWWeIXAIQa3QIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFLtn64NyqEA+dKvj6UO4YNqISutrMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdTJmcmczS29RRDUwcS1QcFE3aGcyb2hLNjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAC5
Z0gDBAC5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
AbzUhAMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gME
ALzw6QMEALzxbgMEALzx1gMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsF
AAOCAQEAkGsJtY/KZifgQcLkkSzYQCVWUkB6XlYM/w8v9Wd+GKhyvreOXuOcurgG
vvFf4b+foycgjsrwcYVUgv06Z0PRqbA9NsKT0zriB/+8WfjRRB62halpIam1Rf00
ykQGBB3qVYIN1wcGh6hNEkO0aTjRaNNRPlBTtTKJ3Q0c0X8vIwc3jzKwGbvcG67O
71Wln2Z6KIygbg8KRlXN/jCGhh8exLUy541b15xlfniZ/Fkq0k7+qxwWoJS5xzKH
S3NQFBdSDCLej/Ye7iu3ZabGB0Fhjm53yPCEk6r1l+7fR93cVWNVYZOfI+h/Bfo0
2vaMcOOXTXkJF3+L3Yv1h8uRVZos2A==
-----END CERTIFICATE-----
Generated at Fri Jul 21 05:10:25 2023 by rpki-client on console-fra.rpki-client.org